Lucene search

K
cve[email protected]CVE-2022-3684
HistoryMar 28, 2023 - 1:15 p.m.

CVE-2022-3684

2023-03-2813:15:06
CWE-404
web.nvd.nist.gov
25
vulnerability
sdm600
endpoint
unresponsiveness
exploit
web services
nvd
cve-2022-3684
cpes

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.6%

A vulnerability exists in a SDM600 endpoint.
An attacker could exploit this vulnerability by running multiple parallel requests, the SDM600 web services become busy rendering the application unresponsive.
This issue affects:Β All SDM600 versions prior to version 1.2 FP3 HF4 (Build Nr. 1.2.23000.291)

List of CPEs:

  • cpe:2.3:a:hitachienergy:sdm600:1.0:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.1:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.9002.257:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.10002.257:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.11002.149:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.12002.222:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.13002.72:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.44:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.92:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.108:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.182:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.257:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.342:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.447:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.481:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.506:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.14002.566:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.20000.3174:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.21000.291:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.21000.931:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.21000.105:::::::*
  • cpe:2.3:a:hitachienergy:sdm600:1.2.23000.291:::::::*

Affected configurations

NVD
Node
hitachienergysdm600Range1.0–1.2.23000.291

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "SDM600",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "status": "unaffected",
        "version": "SDM600 1.3"
      },
      {
        "lessThanOrEqual": "SDM600 1.2.*",
        "status": "affected",
        "version": "SDM600 1.2",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "SDM600 1.1.*",
        "status": "affected",
        "version": "SDM600 1.1",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "SDM600 1.0.*",
        "status": "affected",
        "version": "SDM600 1.0",
        "versionType": "custom"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.6%

Related for CVE-2022-3684